Best practices and recommendations from financial authorities regarding crypto asset trading have led Flowdesk to adopt administrative and organizational rules and processes to prevent market abuse.

This Market Abuse Policy, as defined by the MAR Regulation, EU 596/2014 aims to ensure that all employees comply with insider trading rules and do not misuse, or place themselves under suspicion of misuse, of inside information they may be deemed to hold, including in the periods leading up to an announcement on crypto assets and their issuers.

This policy is intended to promote compliance with the relevant obligations and restrictions under the regulations on traditional markets, including the Market Abuse Regulation. Nothing in this policy sanctions a breach of the Market Abuse Regulation, the insider trading provisions of the Economic Crime Act or any other relevant legal or regulatory requirement.

This policy applies to all employees (including salaried employees, freelancers, interns and trainees). As this policy indicates, there are parts that apply only to certain employees of the company.

DEFINITION OF MARKET ABUSE

Market abuse is defined as:

1. the conclusion of a transaction, the placing of a transaction order or any other behaviour that

• gives, or is likely to give, false or misleading signals as to the supply, demand or price of Flowdesk customers' crypto assets
• or secures, or is likely to secure, the price of one or more crypto-assets unless the person entering into a transaction placing a trade order or engaging in any other conduct establishes that such transaction, order or conduct was entered into for legitimate reasons and is consistent with accepted market practice

1. entering into a trade, placing a trade order or any other activity or behaviour that affects or is likely to affect the price of one or more of Flowdesk's clients' crypto-assets
2. the dissemination of information through the media, including the internet, or by any other means, which gives, or is likely to give, false or misleading signals as to the supply, demand or price of a client's crypto asset, or is likely to set the price of one or more client-issued crypto assets at an abnormal or artificial level, including the dissemination of rumours, where the person making the dissemination knew, or ought to have known, that the information was false or misleading
3. the transmission of false or misleading information or the provision of false or misleading material in relation to a reference asset, where the person who made the transmission or provided the material knew or ought to have known that it was false or misleading.

COMPLIANCE DEPARTMENT

The Compliance Department has the duties and powers set out in this policy. The Management Team may assign additional duties or powers to the Compliance Department. The Compliance Department may, in exceptional circumstances and in consultation with the Senior Management Team, grant exemptions from the prohibitions, restrictions or obligations set out in this Policy.

IDENTIFIED RISKS OF MARKET ABUSE

Prohibition of insider trading

Employees who have inside information are prohibited from trading in the crypto-assets to which the inside information relates. In addition, an employee is prohibited from trading during any period in which the compliance department has prohibited the employee from doing so.

This prohibition does not apply if the employee makes a transaction in fulfilment of an obligation that has become due in good faith and not for the purpose of circumventing the insider trading prohibition or for any other illegitimate reason and :

1. this obligation arises from a previous order or agreement
2. (or) the transaction is made to satisfy a legal or regulatory obligation that arose before the employee concerned was made aware of inside information.

Where the employee is a legal person, the trading restrictions shall also apply, in accordance with national law, to natural persons who participate in the decision to acquire, dispose of, cancel or modify an order on behalf of the legal person concerned.

Prohibition of disclosure

Employees are prohibited from illegally disclosing privileged information to a third party, unless the disclosure is made in the normal course of employment, profession or duties.

Employees with inside information are prohibited from recommending or inducing another person to trade in the crypto assets of Flowdesk customers

Market manipulation

Employees are prohibited from engaging or attempting to engage in market manipulation.

Duty to cooperate

Employees are required to provide all assistance reasonably required for the purposes of an investigation by the Compliance Department.

If an Employee is in doubt as to whether a prohibition under this Policy or applicable law applies, he or she may seek advice from the Compliance Department. However, Employees remain responsible for compliance with this Policy and applicable law and should obtain their own legal advice if necessary or appropriate.

If an Employee is in doubt as to whether a prohibition under this Policy or applicable law applies, he or she may seek advice from the Compliance Department, it being understood that any guidance or advice provided by the Compliance Department is advisory only. However, Employees remain responsible for compliance with this Policy and applicable law and should obtain their own legal advice if necessary or appropriate. Ultimately, it is the Employee's responsibility to decide whether to trade in Flowdesk securities. Regardless of the guidance or advice of the Compliance Department, if the Employee fails to comply with his or her legal obligations, he or she may be subject to sanctions.

The compliance officer can be contacted by e-mail at the following address: compliance@flowdesk.co

ADDITIONAL RULES FOR SENSITIVE EMPLOYEES

Prohibited periods

A sensitive employee is prohibited from trading in client crypto-assets during blackout periods, whether or not he/she possesses inside information, unless he/she obtains permission from Flowdesk.

Outside the blackout periods, a sensitive employee is allowed to trade, unless he or she has inside information.

A sensitive employee must report to the compliance officer each transaction in customer crypto-assets made on his or her own behalf on the third business day following the date of that transaction.

Long-s investments

If a sensitive employee holds client-issued crypto-assets, they must hold them for long-term investment purposes. Employees are prohibited from buying or selling options on client-issued crypto-assets or short selling client-issued crypto-assets.

Declarations

A sensitive employee must report to the compliance department each transaction involving crypto-assets issued by a customer

The Compliance Officer must have received the request by 13:00 (CET) one working day before the intended trade date (or other event triggering the notification requirement). The request must be accompanied by a draft containing full details (to the extent available). On the date of the transaction (or other notification event), the sensitive employee must confirm (or amend) these details. The Compliance Officer may make additional requirements.

The prohibitions defined by this policy remain applicable to the sensitive employee for a period of three months after the end of his/her duties.

Authorisation to treat

A sensitive employee (other than the president of Flowdesk) or a compliance officer must not trade in client-issued tokens without first informing the president and must receive permission to trade from the president.

Managing directors must not trade in client-issued tokens without first informing the president of Flowdesk and receiving permission to trade from him or, if the president of Flowdesk is not present, without first informing the compliance department and receiving permission to trade from that person.

A response to a request for transaction authorisation should normally be given within two working days of the request.

Flowdesk will keep a record of the response to any transaction request made and any authorisation given. A copy of the response and authorisation (if any) will be given to the person concerned.

A person who receives authorisation to carry out a transaction must do so as soon as possible and in any event within two working days of receiving the authorisation.

TRANSACTIONS PERMITTED DURING BLACKOUT PERIODS

Authorised transactions

In the following circumstances, trading by a restricted person who is not in possession of inside information may be permitted during a blackout period:

1. on a case-by-case basis due to the existence of exceptional circumstances, such as severe financial difficulties, which require the immediate sale of crypto-assets issued by customers
2. or because of the characteristics of the relevant transaction for transactions in which the interest in the relevant crypto-asset does not change, provided that the sensitive employee can demonstrate that the particular transaction cannot be executed at any other time than during the blackout period.

Permission may be given to an individual to sell (but not buy) client-issued crypto-assets when this policy would otherwise prohibit the individual from doing so. Only the designated Compliance Officer can determine whether the individual in question is in serious financial difficulty or whether other exceptional circumstances exist.

Exceptional circumstances

A sensitive employee must provide a reasoned written request to the compliance department to obtain Flowdesk's permission to proceed with the immediate sale of customer-issued crypto-assets during a blackout period. The written request must describe the intended transaction and explain why the sale of crypto-assets is the only reasonable alternative to obtain the necessary funding. When considering whether the circumstances described in the above-mentioned written request are exceptional, the Compliance Officer shall be guided by the indicators set out in the Market Abuse Regulation and related guidelines and standards.

Circumstances are considered exceptional when they are extremely urgent, unforeseen and compelling and when their cause is external to the sensitive employee and the sensitive employee has no control over them. Flowdesk takes into account, among other indicators, whether and to what extent the sensitive employee :

1. has a financial commitment or legally enforceable claim at the time of application
2. has to pay or is in a situation entered into prior to the commencement of the restricted period requiring payment of an amount to a third party, including a tax obligation, and cannot reasonably satisfy a financial obligation or claim by any means other than the immediate sale of the customer-issued crypto assets

‍

REPORTING

Reporting obligations of sensitive persons

Each sensitive employee must promptly, and no later than three business days from the date of the transaction, notify the compliance department of any transaction in customer crypto-assets made or conducted by him or on his behalf. A non-exhaustive list of transactions that must be notified is included below.

This notification may be delayed by a sensitive employee until such time as transactions on his or her own account amount to at least €5,000 per calendar year.

Sensitive employees will at all times remain ultimately responsible for meeting their notification obligations in a timely manner.

Flowdesk reporting obligation

---

Reportable transactions

The transactions in client-issued crypto-assets that must be notified to the Compliance Officer are as follows:

1. acquisition, disposal, short sale or exchange
2. entering into or exercising swaps involving the crypto-assets issued by clients
3. transactions in derivatives or related to clients' crypto-assets
4. entering into a CFD on a client-issued crypto asset or auction products based on it
5. the acquisition, assignment or exercise of rights, including put and call options, and warrants on crypto-assets issued by clients
6. subscription to a client's ICO
7. transactions conditional on the fulfilment of conditions and the actual execution of the transactions
8. whether or not to automatically convert a crypto asset issued by a client into another crypto asset
9. gifts and donations made or received and inheritances received
10. transactions executed within indices, baskets and derivatives containing one or more tokens issued by a client
11. transactions executed in shares or units of funds containing crypto-assets issued by customers
12. transactions executed by a third party under an individual portfolio or asset management mandate for the account or benefit of a sensitive employee
13. borrowing or lending of customer-issued crypto-assets, derivatives or any other related financial instruments

LIST OF INSIDERS

Taking the recommendations of the MAR Regulation as a model, Flowdesk keeps a list of persons who have access to inside information (the insider list). The list includes the following information:

1. Name (first name, surname, maiden name)
2. The telephone number
3. The name of the company (if freelance), of the school (if trainee)
4. The function and reasons for including the person in the list
5. The date from which the person obtains confidential information
6. The date on which a listed person ceases to have confidential information
7. The date of birth of the person
8. The identity card number
9. The person's home address
10. The date the list was created and the date it was updated.

The Insider List is maintained by the Compliance Officer who updates it promptly in the following circumstances:

• when there is a change in the reason for inclusion of a person already on the Insider List,
• when a new person has access to Inside Information and must therefore be added to the insider list
• when a person ceases to have access to Inside Information.

Personal data collected in accordance with this policy will be retained for a period of at least five years after the date of registration in the insider list or modification of the data or for any other period required by applicable law. Flowdesk is responsible for processing the personal data to be included in the list. Personal data will only be processed for the purposes specified in this policy or for other purposes permitted by applicable law. A person on the insider list may request the Compliance Officer to view his or her personal data on the insider list. Upon request, the Compliance Officer will provide the person concerned with a summary of the relevant personal data within four weeks or within the period required by applicable law.

This personal data may be provided to the competent authorities upon request if

• it is necessary to comply with the applicable legislation
• if it is in the interest of Flowdesk

The information on the insider list will not be provided to other parties, unless required or permitted by law or if a legitimate interest of Flowdesk requires it.

PENALTIES

In the event of a breach of any of the provisions of this policy, Flowdesk reserves the right to impose any sanction it is entitled to impose in accordance with the applicable legislation or the terms of employment applicable to the employee concerned. Such sanctions may include termination of employment by way of dismissal for gross misconduct. Flowdesk may also inform any authority of its findings.

‍

Last updated: 26/07/2021

The best practices and recommendations of the French authorities regarding crypto-asset trading have led Flowdesk to set up and apply organisational and administrative rules and processes aimed at preventing conflicts of interest that could harm the interests of Flowdesk's clients.

Through the lifetime of a company, and as in any financial company, certain situations lead to potential or real conflicts of interest. At the moment, no regulation or law requires Flowdesk to build a conflict of interest policy. However, the company believes that it is in its interest to prevent abuses and to protect its clients, employees, partners and counterparties.

Flowdesk undertakes to take all necessary measures to identify, manage, record and eventually declare any conflict of interest between the company (including its managers, employees and any person directly or indirectly linked to it) and its clients and between its clients and to have a conflict of interest policy to deal with them. This includes conflicts that may arise when Flowdesk carries out its market making activity.

This Policy is adopted by Flowdesk, its employees, managers and directors. It is binding on the directors and beneficial owners of Flowdesk. It has been prepared for a small-scale crypto-asset market making company. Flowdesk will ensure that it takes all necessary measures to prevent and manage conflicts of interest that could be detrimental to the interests of its clients and to adapt its policy to its evolution.

Definition of conflict of interest

A conflict of interest is a situation that could be detrimental to the interests of its clients because of the interests of :

• Flowdesk and its various clients
• Any Flowdesk’s client and those of another client differ

An interest is the source of any direct or indirect benefit, of any nature, tangible or intangible, professional, commercial, financial or otherwise or personal.

Role of the Compliance Department

Flowdesk's compliance department ensures that conflicts of interest or potential conflicts of interest are:

1. Detected
2. Averted
3. Or so unavoidable that they are properly managed,reported, and recorded

To achieve this objective, training is provided to all employees (at least once a year) and to new employees. Monitoring is carried out to cover areas such as gifts and invitations. Flowdesk's compliance department ensures transparency on conflicts of interest and declares them to the appropriate party.

Types of conflicts of interest

When Flowdesk identifies services and activities that could be detrimental to a client's interests, the company will take into account at least :

• The likelihood that Flowdesk will achieve a gain or avoid a loss to the customer
• If Flowdesk has an interest in the outcome of an activity or service provided, or a transaction carried out on behalf of a client that is distinct from the interests of that client
• If Flowdesk offers market opportunities in a fair and equitable way to its customers
• Whether Flowdesk has financial or non-financial incentives to further the interests of a client or group of clients
• If Flowdesk carries out similar activities on behalf of several clients
• Whether there are any third party incentives in relation to the services provided in the form of fees, goods or services other than the standard commissions, fees or incentives for the services in question.

Flowdesk has identified the risks of general and specific conflicts of interest and the circumstances in which they arise. The company establishes and implements organisational and administrative rules and processes that demonstrate that all necessary measures have been taken to prevent or manage such conflicts if they are of a nature to constitute or increase damage to the interests of clients.

Flowdesk will take care to avoid conflicts of interest and where they cannot be avoided will seek to ensure that its clients are treated fairly.

When a potential conflict of interest arises, Flowdesk will always seek to ensure that transactions and services are conducted according to rules that are not materially less favourable to the client than those that apply to the other client whose interests are in actual or potential conflict

When the internal measures applied by Flowdesk are not sufficient to ensure with sufficient confidence that the risks of damage to a customer's interests will be prevented, an appropriate declaration will be made to the various parties concerned as a last resort.

Potential conflicts of interest identified and risk mitigation solutions

Flowdesk carries out the following activities:

• Market making on crypto-assets on behalf of its clients
• Provision of crypto asset brokerage services on behalf of its professional and non-professional clients
• Proprietary trading
• Infrastructure development and trading technologies
• Execution of transactions on behalf of clients
• Teaching at business schools

Flowdesk does not carry out any activities on financial instruments. Flowdesk sometimes takes custody of its clients' funds directly or uses API keys for limited access to clients’ accounts.

As part of its governance, Flowdesk has established systems of internal controls and administrative and organisational rules and processes that are designed to manage actual or potential conflicts and to prevent damage to the interests of its customers.

Flowdesk's managers, with the help of the compliance and legal departments, are responsible for diligently and prudently identifying and managing real or potential conflicts of interest. Operators are responsible for monitoring their own risks on a daily basis.

Procedures and measures for managing conflicts of interest are both general and specific. The general ones are intended to be company-wide and to establish the structures and cultures that ensure good business practice. The specific ones are designed to address the risks attributable to particular identified circumstances.

The general rules and procedures are described below. Specific rules and procedures to address the circumstances described above are described in a specific register maintained by the Compliance Department.

General risk mitigation measures

• Formal allocation of roles and responsibilities
• Documentation of policies and procedures covering key activities and procedures
• Autonomy of process control and monitoring responsibilities
• Updating of the conflict of interest policy approved by all Flowdesk managers and to which all employees must adhere
• Regular reminders from managers to employees on the importance of managing conflicts of interest
• Whistleblower procedure for anyone who suspects a conflict of interest that has not been properly dealt with
• Updating codes of conduct and business ethics policies
• Document from each employee certifying that all potential or actual conflicts of interest of which they are aware have been raised and addressed
• Conflict of interest awareness training when a new employee joins and repeated annually thereafter
• Use of physical means to prevent the sharing of sensitive information between all departments when and if necessary
• Consideration of all potential conflicts of interest and their effective management in relation to the outsourcing of certain functions to third parties and consideration of whether these third parties also have conflict of interest policies that they effectively apply
• Consideration of potential conflicts of interest in the development and deployment of a new product or service
• Consideration of potential conflicts of interest before proposing a business opportunity to a specific client
• Requirement for all employees to report any potential or actual conflicts to the compliance department
• Monitoring of potential conflicts of interest and associated mitigations by independent and competent functions
• Periodic checks

All employees are responsible for identifying and safeguarding the circumstances in which a conflict of interest could arise or has arisen in the course of activities conducted by Flowdesk. This document will be saved on the Flowdesk drive and will be subject to review and feedback by the Flowdesk compliance department and management team.

Employees are responsible for identifying and reporting policy violations to the Compliance Department.

Conflict of interest declaration and solutions

At present, a number of potential sources of conflict of interest have been identified for the services provided by the company. These are described below and are complemented by the associated risk mitigation solutions. To make them more readable, they are grouped into several key categories: personal conduct and remuneration and company interests

Personal conduct and personal remuneration

Potential conflict: Cases where a Flowdesk employee or manager trades for his or her own account or is interested in assets held or traded by the firm on behalf of a client.

Control by Flowdesk: Flowdesk implements procedures detailing the requirements for prior authorisation and/or notification of blackout periods and trading restrictions on the relevant assets. All such transactions are recorded and monitored. Where violations are identified, they are followed up immediately. In addition, periodic reports are produced by the Compliance Officer and submitted to senior management identifying any violations and, where appropriate, making recommendations for procedural changes.

Incentives, gifts and invitations

Potential conflict: Non-monetary benefits such as gifts and invitations received and given may influence behaviour in a way contrary to the interests of Flowdesk's customers. The receipt of non-monetary benefits by Flowdesk employees from Flowdesk's business partners may influence Flowdesk to use or retain the services of another company, which may not be in the best interests of Flowdesk's customers.

Control by Flowdesk: Flowdesk has an incentive (non-monetary benefits) policy covering gifts, benefits and entertainment (Incentive Policy) which specifies what is acceptable or reasonable depending on the investment service provided. All Flowdesk employees are required as part of the annual Code of Ethics declaration to confirm that they have complied with the Incentive Policy. Only non-monetary benefits that do not undermine Flowdesk's duty to act in the best interests of clients are permitted. In addition, the policy requires that all non-monetary benefits provided or received by Flowdesk are intended to improve the quality of service to clients. A Flowdesk business team or its staff is prohibited from providing or receiving a non-monetary benefit that is conditional on Flowdesk doing business with the person or entity concerned. Records are kept and monitoring is carried out on non-monetary benefits received and given. Furthermore, Flowdesk will provide customers with all the necessary information to ensure transparency.

Remuneration

Potential conflict: Employees are remunerated on the basis of several components of remuneration, including base salary, cash bonuses and deferred share awards and long-term share distributions. Cash bonuses and deferred bonuses are variable components of compensation that are intended to motivate and reward individuals for their contribution to the company's annual results and not to encourage inappropriate risk-taking.

Control by Flowdesk: Flowdesk has a collegial control of remuneration organised with the CFO (finance), the CEO (executive), the COO (operations) and the CCO (compliance). The Committee meets regularly and is responsible for determining the components and level of remuneration paid to all employees and for ensuring that everyone's remuneration is aligned with the long-term interests of Flowdesk's clients and shareholders.

External interests

Potential conflict: Flowdesk employees may be employees or managers of companies not associated with Flowdesk. This could potentially lead to the employee not acting in the best interest of Flowdesk or its customers.

Control by Flowdesk: This problem is limited by a control of all external professional relationships which must be authorised in advance by the compliance department after checking that no conflict of interest exists or is likely to exist in the future. In addition, Flowdesk's Code of Ethics provides for an annual signed declaration detailing any relevant external interests. Where an employee has an interest in a company related to Flowdesk, he or she must, depending on the circumstances, waive any remuneration from that outside interest.

Trading opportunities

Potential conflict: The processes involved in sourcing assets, executing trades, allocating assets as part of a trade could result in unfair execution or allocation of opportunities on client accounts and trades being executed in priority to favour one or more clients at the expense of other clients. Exchange-related services may offer different opportunities for customers and Flowdesk, which may potentially affect the incentive to use a particular exchange. This incentive may result from differences between exchanges in the structure and method used to determine the exchange's remuneration as well as from opportunities that may be open to Flowdesk to obtain commercial or professional advantages.

Control by Flowdesk:

• Aggregation of orders and ordering of trades: When executing client trades, Flowdesk may combine orders where it reasonably believes that this will result in a more favourable overall execution and will be in the best interests of clients. Flowdesk will arrange to execute orders in turn from among all orders received by the trading desks
• Opportunity allocation: Flowdesk has implemented strict allocation procedures in order to guarantee a fair allocation of opportunities to all its clients. If there is sufficient liquidity for buying or selling, Flowdesk will allocate the orders to buy or sell the token or corner in proportion to the relative size of the orders. This is subject to control.
• Reallocation: In certain circumstances, the allocation of a transaction may deviate from the pro-rata approach. These cases must be justified and be in the best interest of all clients involved and clearly documented. In addition, Flowdesk may from time to time, where the contract allows, sell the asset of one client to another client. These transactions are recorded and monitored.

‍

Client's choice of exchange and potential conflict of interest

Potential conflict: When the client does not use the exchange list provided by Flowdesk, a conflict may arise between the client's instruction and the obligation to provide best execution to all clients.

Control by Flowdesk: When Flowdesk is no longer able to guarantee best execution to the client by facilitating the client's preference, it is made clear in advance that Flowdesk's standard trading orders will take priority.

Own-account investment

Potential conflict: A conflict may arise when Flowdesk or its employees invest on their own account in certain tokens or coins. It is possible that these tokens are favoured to the detriment of the clients' interests or that the tokens or coins held by Flowdesk are treated in priority to those of the client.

Control by Flowdesk: When Flowdesk's interests are in conflict with those of the client, the transactions carried out on behalf of the client are always treated as a priority. Furthermore, Flowdesk's own operations will gradually disappear.

Insider information

Potential conflict: A potentially significant conflict that arises on an ongoing basis is that some of the company's employees, to varying degrees, have access to material non-public information about potentially sensitive tokens or corners and transactions that may affect the market.

Control by Flowdesk: When employees become aware of inside information (and become "insiders" in the traditional finance equivalent), the assets in question are placed on the restricted list. Employees are not allowed to trade in restricted securities. There is an explicit disclosure and approval process enforced through strict personal account trading rules and a code of ethics that applies to all employees. All employees who oversee these transactions are subject to additional approval requirements for personal account trading. In the case of hard forks, prior to any transaction the employee must disclose details of any non-public information held to the compliance officer who will decide whether the transaction can proceed. In addition, periodic checks are carried out.

Operations conducted on behalf of exchanges

Potential conflict: As part of its activities, Flowdesk enters into contracts with certain exchange platforms. Where these service providers are also Flowdesk's customers, this could allow Flowdesk to retain the services of an underperforming service provider for commercial or convenience reasons rather than in the best interests of the customers.

Control by Flowdesk: Flowdesk manages the relationship with the service provider and all aspects of the quality of the service provision. Service level agreements and management reports are put in place to monitor the performance of the service provider. Where performance falls below acceptable standards, procedures are followed to escalate the issue to Flowdesk management and the service provider company. Flowdesk does not tolerate persistent underperformance by a service provider company and if this occurs, Flowdesk management will take appropriate action to ensure that adequate service levels are provided to customers and Flowdesk. The outsourcing policy requires that conflicts of interest be considered.

Market manipulation

Potential conflict: Excessive trading by a market player can disrupt Flowdesk's operations and could harm the interests of the company's clients.

Control by Flowdesk: An excessive trading policy is in place and trading is monitored by the CEO to ensure that it is applied fairly and consistently in the interests of all. The CEO is empowered to take action against investors who are suspected of exhibiting potential excessive trading patterns.

Privileged communication

Potential conflict: If information about a token or exchange is provided to specific customers, this may give them an information advantage over other investors.

Control by Flowdesk: A disclosure policy is in place to ensure that disclosures are made fairly and that no selective disclosure is made.

Fees

Potential conflict: Transactions may involve an investment for which Flowdesk may receive a commission, fee, mark-up or discount payable otherwise than by the client and Flowdesk may also be remunerated by the counterparty to such a transaction.

Control by Flowdesk: Fees for Flowdesk services are stipulated in the contracts and planned in advance.

Conflict of interest declaration

When the internal rules and processes put in place and applied by Flowdesk are not sufficient to guarantee, with a reasonable degree of confidence, that the risks of harm to a client's interests will be avoided, then the client will be informed by a declaration.

Declarations must :

• Detail the general nature or sources of conflicts of interest or both
• Detail the measures taken to mitigate these risks
• Clearly state that the administrative and organisational rules and processes put in place by Flowdesk to prevent or manage this conflict are not sufficient to ensure with reasonable confidence that the risks of harm to the customer's interests will be avoided
• Include a specific description of conflicts of interest that arise in the context of the services provided
• Explain the risks to the client arising from conflicts of interest

The information provided shall be sufficiently detailed, taking into account the nature of the client, to enable the client to make an informed decision about the service in which the conflict of interest arises. The information shall be provided in an appropriate durable medium.

The disclosure of a conflict of interest to a client does not relieve Flowdesk from maintaining and operating effective organisational and administrative arrangements to take all reasonable and appropriate steps to prevent or manage conflicts of interest from constituting or giving rise to prejudice to the interests of its clients.

Flowdesk should consider disclosure of conflicts of interest as a measure of last resort to be used only when the effective organisational and administrative arrangements in place to prevent or manage its conflicts of interest are not sufficient to ensure, with reasonable confidence, that the risks of damage to the client's interests will be avoided.

Where Flowdesk identifies a situation that will potentially require disclosure of conflicts of interest, this matter will be referred to the CEO of Flowdesk who will review and agree on the most appropriate course of action.

The commercial function is responsible for disclosing any potential or factual conflict of interest to its client.

Compliance provides advice and guidance and will regularly monitor these activities.

Reporting

This policy document will be reviewed as necessary at least annually by the compliance department to ensure that it remains current in light of the scope of Flowdesk's activities, its operational structure, its strategic plans, applicable regulatory changes and the nature of its clients. This review should ensure that all appropriate steps are taken to address any shortcomings, such as over-reliance on conflict of interest disclosure.

A conflict register will be maintained detailing the nature of the conflict, how it gives rise to a material risk of disadvantage to clients, the proposed mitigation measure, how it complies with the Conflicts of Interest Policy, and the remedies undertaken to confirm its effective implementation. Responsibility for maintaining this register rests with Compliance.

A report will be produced by Compliance, detailing any new conflicts recorded and proposing changes to previously identified conflicts, for submission to the CEO on a quarterly basis.

‍